rpms / libyaml

Clone
Source Code
GIT

Blame SOURCES/libyaml-CVE-2013-6393-node-id-hardening.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c7
  2.   SOURCES
  3.   libyaml-CVE-2013-6393-node-id-hardening.patch
Blob History Raw
cb67ac 
# HG changeset patch
cb67ac 
# User Florian Weimer <fweimer@redhat.com>
cb67ac 
# Date 1389274355 -3600
cb67ac 
#      Thu Jan 09 14:32:35 2014 +0100
cb67ac 
# Node ID 034d7a91581ac930e5958683f1a06f41e96d24a2
cb67ac 
# Parent  a54d7af707f25dc298a7be60fd152001d2b3035b
cb67ac 
yaml_stack_extend: guard against integer overflow
cb67ac
cb67ac 
diff --git a/src/api.c b/src/api.c
cb67ac 
--- a/src/api.c
cb67ac 
+++ b/src/api.c
cb67ac 
@@ -117,7 +117,12 @@
cb67ac 
 YAML_DECLARE(int)
cb67ac 
 yaml_stack_extend(void **start, void **top, void **end)
cb67ac 
 {
cb67ac 
-    void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
cb67ac 
+    void *new_start;
cb67ac 
+
cb67ac 
+    if ((char *)*end - (char *)*start >= INT_MAX / 2)
cb67ac 
+	return 0;
cb67ac 
+
cb67ac 
+    new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
cb67ac
cb67ac 
     if (!new_start) return 0;
cb67ac

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation